Authorization and authentication based on an individual&#39;s social network

ABSTRACT

An individual&#39;s social network is used to authorize information flow to the individual and to authenticate the individual for access to certain information or services. Information flow to the individual is authorized if the source of the information is a member of the individual&#39;s social network who is connected to the individual along a path that does not traverse through anyone on a gray list of the individual. The black list identifies those members who previously sent unwanted communication to the individual or posted content that was deemed offensive by the individual. The gray list identifies those members who are one degree separated from any black list member. The individual is authenticated for access to certain information or services if a member of the individual&#39;s social network already has access and this member is connected to the individual along a path that does not traverse through anyone on a gray list of the individual, or if members of the individual&#39;s social network who are connected to the individual along a path that does not traverse through anyone on a gray list of the individual have an average authentication rating that is at least a minimum value.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention generally relates to authorizing activities andauthenticating individuals, and more specifically, to methods forauthorizing information flow to an individual and authenticating anindividual for access to information or service based on thatindividual's social network.

2. Description of the Related Art

One of the major benefits of the Internet has been the ease ofcommunicating information to a large number of people. Some users have,however, been abusing this benefit by sending unwanted e-mailsolicitations, known as SPAM, to individuals over the Internet. Theproblem with SPAM has become so pervasive that some states have passedlegislation prohibiting SPAM.

Further, the open nature of the Internet has caused providers of contentand service over the Internet to place controls on who may access itscontent or service. The controls are sometimes unnecessarily restrictiveand the processes used to grant access tend to be overly cumbersome, tothe detriment of both users who might have benefited from the content orservice and providers who might have benefited from revenues generatedfrom these users.

SUMMARY OF THE INVENTION

The invention provides a method of authorizing transmission of contentto an individual as a way to filter out unwanted communication such asSPAM or content that the individual might find to be offensive, and amethod of authenticating individuals for access to content or servicethat makes the content or service available to more users while limitingaccess to potentially abusive users of the content or service. Inparticular, a service provider examines an individual's social networkand a black list of persons that have been determined to beuntrustworthy to determine whether to authorize transmission of contentto that individual or authenticate that individual for access toinformation or service.

In a first embodiment of the invention, the authorization is performedin connection with an e-mail communication service. When an e-mailcommunication with an individual is attempted, that individual's socialnetwork is searched for a path between the sender and the individual. Ifthe path exists and the path does not traverse through unauthorizednodes, the e-mail communication is authorized. If there is no such path,the e-mail communication is prohibited.

In a second embodiment of the invention, the authorization is performedin connection with a search. When an individual enters a search query,the search engine retrieves relevant search results for delivery to theindividual. The search results that are delivered to the individual donot include content posted by those persons who are not connected to theindividual in the individual's social network through authorized nodes.

In a third embodiment of the invention, the service provider is a thirdparty content provider. When an individual requests access to thecontent provided by this entity, the entity examines its user base todetermine if any of its users is related to this individual. If there isa relationship and the individual and the related user are connectedthrough authorized nodes, the individual is given access. If not, accessis denied to the individual.

In a fourth embodiment of the invention, the service provider is alender. When an individual applies for a loan, the lender examines thecredit ratings of members of the individual's social network who areconnected to the individual through authorized nodes. If the averagecredit rating of these members is at least a minimum credit score, thelender continues to process the loan application. Otherwise, the loanapplication is rejected.

BRIEF DESCRIPTION OF THE DRAWINGS

So that the manner in which the above recited features of the presentinvention can be understood in detail, a more particular description ofthe invention, briefly summarized above, may be had by reference toembodiments, some of which are illustrated in the appended drawings. Itis to be noted, however, that the appended drawings illustrate onlytypical embodiments of this invention and are therefore not to beconsidered limiting of its scope, for the invention may admit to otherequally effective embodiments.

FIG. 1 is a diagram illustrating the relationships between members in asocial network.

FIG. 2 is a block diagram illustrating a system for providingrelationship information from a social network to an existing database.

FIG. 3 is a representation of the social network of FIG. 1 in a treeformat.

FIG. 4 is a sample black list used in the invention.

FIG. 5 is a sample gray list used in the invention.

FIG. 6 is a flow diagram that illustrates the steps carried out inauthorizing transmission of content to an individual.

FIG. 7 is a flow diagram that illustrates the steps carried out inauthenticating an individual for online access.

FIG. 8 is a sample white list used in the invention.

FIG. 9 is a flow diagram that illustrates the steps carried out inauthenticating an individual for access to a loan.

DETAILED DESCRIPTION

A social network is generally defined by the relationships among groupsof individuals, and may include relationships ranging from casualacquaintances to close familial bonds. A social network may berepresented using a graph structure. Each node of the graph correspondsto a member of the social network. Edges connecting two nodes representa relationship between two individuals. In addition, the degree ofseparation between any two nodes is defined as the minimum number ofhops required to traverse the graph from one node to the other. A degreeof separation between two members is a measure of relatedness betweenthe two members.

FIG. 1 illustrates a graph representation of a social network centeredon a given individual (ME). Other members of this social network includeA-U whose position, relative to ME's, is referred to by the degree ofseparation between ME and each other member. Friends of ME, whichincludes A, B, and C, are separated from ME by one degree of separation(1 d/s). A friend of a friend of ME is separated from ME by 2 d/s. Asshown, D, E, F and G are each separated from ME by 2 d/s. A friend of afriend of a friend of ME is separated from ME by 3 d/s. FIG. 1 depictsall nodes separated from ME by more than 3 degrees of separation asbelonging to the category ALL.

Degrees of separation in a social network are defined relative to anindividual. For example, in ME's social network, H and ME are separatedby 2 d/s, whereas in G's social network, H and G are separated by only 1d/s. Accordingly, each individual will have their own set of first,second and third degree relationships.

As those skilled in the art understand, an individual's social networkmay be extended to include nodes to an Nth degree of separation. As thenumber of degrees increases beyond three, however, the number of nodestypically grows at an explosive rate and quickly begins to mirror theALL set.

FIG. 2 is a block diagram illustrating a system for creating andmanaging an online social network. As shown, FIG. 2 illustrates a system100, including an application server 200 and graph servers 300. Thecomputers of system 100 are connected by a network 400, e.g., theInternet, and accessible by over the network by a plurality ofcomputers, collectively designated as 500. The application server 200manages a member database 210, a relationship database 220, and a searchdatabase 230.

The member database 210 contains profile information for each of themembers in the online social network managed by the system 100. Theprofile information may include, among other things: a unique memberidentifier, name, age, gender, location, hometown, references to imagefiles, listing of interests, attributes, and the like. The profileinformation also includes VISIBILITY and CONTACTABILITY settings, theuses of which are described in a commonly owned, co-pending application,“System and Method for Managing Information Flow Between Members of anOnline Social Network,” (U.S. patent application Ser. No. 10/854,057,published as U.S. Patent Application Publication No. US 2005/0267766A1), filed May 26, 2004, the contents of which are hereby incorporatedby reference. The relationship database 220 stores information definingto the first degree relationships between members. The relationshipdatabase 220 stores information relating to the first degreerelationships between members. In addition, the contents of the memberdatabase 210 are indexed and optimized for search, and stored in thesearch database 230. The member database 210, the relationship database220, and the search database 230 are updated to reflect inputs of newmember information and edits of existing member information that aremade through the computers 500.

The application server 200 also manages the information exchangerequests that it receives from the remote computers 500. The graphservers 300 receive a query from the application server 200, process thequery and return the query results to the application server 200. Thegraph servers 300 manage a representation of the social network for allthe members in the member database 210. The graph servers 300 andrelated components are described in detail in a commonly owned,co-pending application, “System and Method for Managing an Online SocialNetwork,” (U.S. patent application Ser. No. 10/854,054, published asU.S. Patent Application Publication No. US 2005/0267940 A1), filed May26, 2004, the contents of which are hereby incorporated by reference.

Graph servers 300 store a graph representation of the social networkdefined by all of the members (nodes) and their correspondingrelationships (edges). The graph servers 300 respond to requests fromapplication server 200 to identify relationships and the degree ofseparation between members of the online social network. The applicationserver 200 is further configured to process requests from a third partyapplication 610 to provide social network information (e.g., therelationships between individuals) for user records maintained in athird party database 620. The third-party application 610 makes therequests to the application server 200 through an applicationprogramming interface (API) 600. The methods by which the social networkinformation maintained in the system 100 is shared with a third party isdescribed in detail in a commonly owned, co-pending application, “Methodof Sharing Social Network Information with Existing User Databases,”(U.S. patent application Ser. No. 10/867,610, published as U.S. PatentApplication Publication No. US 2006/0004789 A1), filed Jun. 14, 2004,the contents of which are hereby incorporated by reference.

FIG. 3 is a representation of the social network of FIG. 1 in a treeformat starting with member B at the top and showing all membersconnected to B. Members P-U are not shown in FIG. 3 because they are notconnected to B in the social network of FIG. 1. G and H are shown twicebecause each is connected to B through two different paths. C′, E′ andG′ each collectively represents individuals who are identified incontact lists maintained by members C, E and G, respectively. Theseindividuals typically are not members of the social network of FIG. 1.Other members also maintain contact lists, but for simplicity, it isassumed that only C, E and G have data stored in their contact lists.The contact list information includes name, address, telephone numbers,e-mail addresses, and similar types of information that are stored incontact management software such as Outlook® and ACT!®.

The present invention will be illustrated with the following fourexamples: (1) authorizing an individual to communicate with a member ofthe social network (by way of e-mail, instant messaging, text messaging,voicemail, and other similar means); (2) authorizing content madeavailable by an individual to be transmitted to a member of the socialnetwork for viewing; (3) authenticating a member of the social networkfor access to online content; and (4) authenticating a member of thesocial network for access to a loan. In each of these examples, thedecision on whether to authorize the information flow to B (examples 1and 2), or to authenticate B for access to information or service(examples 3 and 4), will be based on a black list and B's socialnetwork.

A black list used in authorizing information flow to a member (examples1 and 2), or in authenticating the member for access to a loan (example4) is defined with respect to the member. In the example given here, asingle black list is maintained for a member. However, the black listmay be defined separately for different types of activity. For example,the black list used in authorizing e-mail communication to B may bedifferent from the black list used in authorizing content made availableby an individual to be transmitted to B for viewing.

A black list that is defined with respect to a member is typicallyupdated by that member. For example, if B received an unwantedcommunication (e.g., SPAM) from D and L, or while browsing profiles ofother members in the social network, came across D's content and L'scontent that B found to be offensive, B will add D and L to its blacklist. This black list is shown in FIG. 4.

A black list used in authenticating a member for access to onlinecontent or service (example 3) is defined globally with respect toeveryone seeking access, but it is maintained separately for eachdifferent online content/service provider. For example, a black listused in authenticating a member for access to information or servicemade available by a provider ABC is different from a black list used inauthenticating a member for access to information or service madeavailable by provider XYZ. This type of black list is typically updatedby the provider of the information or service. For example, if the blacklist shown in FIG. 4 is ABC's black list, this would signify that ABChad previously determined that D and L abused their online accessprovided by ABC and added D and L to its black list.

A gray list is derived from a black list and the social network of themember with respect to whom authorization and authentication is beingcarried out. In examples 1, 2 and 4, the gray list is derived from theblack list of member B and B's social network. In example 3, the graylist is derived from the black list of the provider of content orservice to which member B is seeking access and B's social network. Thegray list simply includes all members of B's social network who are onedegree separated from any member of B's social network who is on theblack list. The gray list derived from the black list of FIG. 4 and thesocial network of FIG. 1 would include C, I, J, F, and M, and is shownin FIG. 5.

Alternatively, the gray list may be limited to all members of B's socialnetwork who are: (i) one degree separated from any member of B's socialnetwork who is on the black list, and (ii) included in a path betweenthe black list member and the member with respect to whom authorizationand authentication is being carried out. The gray list derived in thismanner would include members C and F, but not members I, J and M.

Individuals identified in the gray list of a member becomenon-traversing nodes with respect to that member. A “non-traversingnode” with respect to a member is a node through which a connection tothe member cannot be made. For example, referring to FIG. 3 and usingthe gray list of FIG. 5, a connection from B to E cannot be made becausethe path from B to E traverses through C, who is on the gray list and isa non-traversing node. The connection from B to C, on the other hand,can be made because the path from B to C ends at C and does not traverse“through” C.

FIG. 6 is a flow diagram that illustrates the steps carried out inauthorizing an e-mail communication from A to B or authorizingtransmission of A's content to B (e.g., in connection with delivery ofsearch results in response to a search query by B). In Step 610, a blacklist that is maintained for B and used in authorizing e-mailcommunication with B is retrieved. In Step 620, the black list issearched for A. If A is identified in the black list, the informationflow to B is prohibited (Step 670). Otherwise, a gray list is derivedfrom the black list and B's social network (Step 630). In Step 640, abreadth first search (or alternatively, a depth first search) isconducted on B's social network to find paths from B to A. Optionally,the breadth first search could be limited to members who are within amaximum degree of separation value specified by the member (signifyingthat the member does not wish to receive communication from, or reviewcontent posted by, other members who are too far removed) or by theoperator of the social network (as a way to conserve computingresources). If there is any path from B to A that does not pass througha non-traversing node (i.e., an individual in the gray list), theinformation flow to B is authorized (Step 660). Otherwise, theinformation flow to B is prohibited (Step 670).

In the example given above, the party that is providing the e-mailcommunication service and the search engine service and carrying out theauthorizations is the operator of B's social network. The invention isapplicable to situations where the party that is providing the e-mailcommunication service and the search engine service and carrying out theauthorizations is a third party that has access to the databasecontaining B's black list and information about B's social network. Insuch a case, the third party will retrieve B's black list and a graphrepresentation of B's social network from this database in accordancewith the methods described in the application, “Method of Sharing SocialNetwork Information with Existing User Databases,” (U.S. patentapplication Ser. No. 10/867,610, published as U.S. Patent ApplicationPublication No. US 2006/0004789 A1), filed Jun. 14, 2004. The thirdparty carries out the remaining steps described above (Steps 620-670) inthe same manner.

Also, a person who is not a member of B's social network may bepermitted to communicate with B, if the person is identified in acontact list of a member who is not identified in the gray list andconnected to B along a path that does not pass through a non-traversingnode. For example, referring to FIG. 3, G′ will be able to send e-mailto B because G′ is identified in the contact list of G who is notidentified in the gray list and none of the nodes connecting G to B arenon-traversing nodes. By contrast, C′ will not be able to send e-mail toB because C is identified in the gray list; and E′ will not be able tosend e-mail to B because the only path from E to B is through anon-traversing node (C).

In an alternative embodiment, a white list identifying all members ofB's social network who are authorized to transmit content to B may begenerated, either real-time or off-line as a batch process, and searchedeach time content transmission to B is attempted. The white listgenerated in this manner includes all members of B's social network whoare connected to B along a path that does not traverse through a memberidentified in B's gray list, and e-mail addresses stored in the contactlists of members who are identified in the white list and not in thegray list. The white list can be further narrowed by limiting it tothose members who are within a maximum degree of separation from B,where the maximum degree of separation may be specified by either B orthe operator of the social network.

FIG. 7 is a flow diagram that illustrates the steps carried out inauthenticating B for access to an online service provided by a thirdparty. In Step 710, the service provider receives a request for accessfrom B. The request includes certain identifying information of B, suchas B's e-mail address. In Step 720, in accordance with the methodsdescribed in the application, “Method of Sharing Social NetworkInformation with Existing User Databases,” (U.S. patent application Ser.No. 10/867,610, published as U.S. Patent Application Publication No. US2006/0004789 A1), filed Jun. 14, 2004, this service provider makes arequest to a social network database for a graph representation of B'ssocial network and receives the graph representation of B's socialnetwork. In Step 730, a black list that is maintained by this serviceprovider is retrieved. In Step 740, a gray list is derived from theblack list and B's social network. In Step 750, a breadth first search(or alternatively, a depth first search) is conducted on B's socialnetwork to generate a white list. All members of B's social network whoare connected to B along a path that does not traverse through anyunauthorized nodes (i.e., individuals identified in the gray list) getincluded on this white list. FIG. 8 shows the white list generated fromB's social network shown in FIG. 3 if the gray list shown in FIG. 5corresponds to the gray list derived in Step 740. If any individualidentified in the white list is in the user database of this serviceprovider (Step 760), B's online access is authenticated (Step 770).Otherwise, B's online access is denied (Step 780).

FIG. 9 is a flow diagram that illustrates the steps carried out inauthenticating B for access to a loan. In Step 910, the lender receivesa request for a loan from B. The request includes certain identifyinginformation of B, such as B's e-mail address. In Step 920, in accordancewith the methods described in the application, “Method of Sharing SocialNetwork Information with Existing User Databases,” (U.S. patentapplication Ser. No. 10/867,610, published as U.S. Patent ApplicationPublication No. US 2006/0004789 A1), filed Jun. 14, 2004, this lendermakes a request to a social network database for a graph representationof B's social network and receives the graph representation of B'ssocial network. In Step 930, a black list that is maintained for B isrequested and received from the social network database in the samemanner as in Step 920. In Step 940, a gray list is derived from theblack list and B's social network. In Step 950, a breadth first search(or alternatively, a depth first search) is conducted on B's socialnetwork to generate a white list. All members of B's social network whoare connected to B along a path that does not traverse through anyunauthorized nodes (i.e., individuals identified in the gray list) getincluded on this white list. Optionally, the lender may specify amaximum degree of separation value (e.g., N_(max)). If it is specified,the white list will include only those members of B's social network whoare within N_(max) degrees of separation from B. In Step 960, the creditratings of individuals in the white list are retrieved and weightingfactors are applied to the credit ratings based on the degree ofseparation between the individual and B. As an example, a weightingfactor of 1/10^(N) may be applied to the credit ratings, where N is thedegree of separation between the individual and B. If the average creditrating is above a minimum score, B is authenticated and the processingof B's loan application is permitted to proceed (Steps 970 and 980). Ifnot, B is not authenticated, and B's loan application is rejected (Steps970 and 990).

The above examples of the white list, the black list, and the gray liststore member identifiers (e.g., A, B, C, etc.) to identify members ofthe social network. Other identifying information, such as e-mailaddresses, may be stored in these lists. In cases where the listsidentify persons who are outside the social network, the e-mail addressis stored in place of the member identifier. For example, a SPAM e-mailaddress, not corresponding to any e-mail address within the socialnetwork, may be added to a member's black list. Any future attempts tosend e-mail from this e-mail address will be prohibited pursuant to thedecision block in Step 620 of FIG. 6. Also, if the SPAM e-mail addressadded to the member's black list corresponds to an e-mail address storedin a contact list maintained by a person in the social network, the graylist that is derived from this black list will include the memberidentifier corresponding to the person who has the blacklisted e-mailaddress in his or her contact list.

While particular embodiments according to the invention have beenillustrated and described above, those skilled in the art understandthat the invention can take a variety of forms and embodiments withinthe scope of the appended claims.

1. A method comprising: receiving, by one or more computing devices, arequest to transmit content relating to a first user to a second user,each of the users having a user identifier (ID); retrieving, by one ormore of the computer devices, a black list maintained for the seconduser, the black list comprising a first set of user IDs of a first setusers; accessing, by one or more of the computing devices, a graphstructure defining relationships among a plurality of users, the graphstructure comprising a plurality of nodes and connections between thenodes, each node corresponding to one of the users, each connectionbetween two nodes being a single degree of separation between the twousers corresponding to the two nodes; determining, by one or more of thecomputing devices, a gray list comprising a second set of user IDs of asecond set of users based on the relationships defined by the graphstructure, each of the users in the second set of users being separatedin the graph structure from at least one of the users in the first setof users of the black list by only one degree of separation; andauthorizing, by one or more of the computing devices, the transmissionof the content to the second user if the nodes corresponding to thefirst and second users are connected to each other in the graphstructure by a series of connections and nodes that does not comprise anode corresponding to a user in the second set of users of the graylist.
 2. The method according to claim 1, wherein the first set of userIDs includes user IDs of the users whose content is not authorized to betransmitted to the second user.
 3. The method according to claim 2,further comprising updating, by one or more of the computing devices,the first set of user IDs based on an input by the second user.
 4. Themethod according to claim 1, wherein the content includes an e-mailcommunication.
 5. The method according to claim 1, further comprisingprocessing, by one or more of the computing devices, a search request bythe second user to generate a search result that includes the content inresponse to the search request, wherein said search result is modifiedif the transmission of the requested content is not authorized and saidsearch result is not modified if the transmission of the requestedcontent is authorized.
 6. The method of claim 1, further comprisingretrieving, by one or more of the computing devices, a white listcomprising a third set of user IDs of a third set of users.
 7. Themethod of claim 6, wherein the third set of user IDs includes user IDsof the users whose content is authorized to be transmitted to the seconduser.
 8. The method of claim 6, wherein the third set of users comprisesall users from the plurality of users corresponding to all nodes fromthe plurality of nodes, respectively, that are: connected to the nodecorresponding to the first user by a series of connections and nodesthat does not comprise a node corresponding to one of the users in thefirst set or second set of users; and not nodes corresponding toindividuals in the first set of users.
 9. The method of claim 6, furthercomprising authorizing, by one or more of the computing devices,transmission of the content to the second user if the user ID of thefirst user is in the third set of user IDs.
 10. The method of claim 1,further comprising communicating, by one or more of the computingdevices, to the first user a notification if the transmission of thecontent to the second user was not authorized.
 11. The method of claim1, further comprising transmitting, by one or more of the computingdevices, the content to a computing device of the second user if thetransmission of the content is authorized and blocking the transmissionof the content to the computing device of the second user if thetransmission of the content is not authorized.
 12. A system comprising:one or more processors; and one or more servers having at least a memorystoring computer executable instructions that when executed by one ormore of the processors cause the processors to: receive a request totransmit content relating to a first user to a second user, each of theusers having a user identifier (ID); retrieve a black list maintainedfor the second user, the black list comprising a first set of user IDsof a first set of users; access in the data store a graph structuredefining relationship among a plurality of users, the graph structurecomprising a plurality of nodes and connections between the nodes, eachnode corresponding to one of the users, each connection between twonodes being a single degree of separation between the two userscorresponding to the two nodes; determine a gray list comprising asecond set of user IDs of a second set of users based on therelationships defined by the graph structure, each of the users in thesecond set of users being separated in the graph structure from at leastone of the users in first set of users of the black list by only onedegree of separation; and authorize the transmission of the content tothe second user if the nodes corresponding to the first and second usersare connected to each other in the graph structure by a series ofconnections and nodes that does not comprise a node corresponding to auser in the second set of users of the gray list.
 13. The system ofclaim 12, wherein the first set of user IDs includes user IDs of theusers whose content is not authorized to be transmitted to the seconduser.
 14. The method according to claim 13, wherein the servers arefurther operative to update the first set of user IDs based on an inputby the second user.
 15. The system of claim 12, wherein the contentincludes an e-mail communication.
 16. The system of claim 12, whereinthe servers are further operative to process a search request by thesecond user to generate a search result that includes the content inresponse to the search request, wherein said search result is modifiedif the transmission of the requested content is not authorized and saidsearch result is not modified if the transmission of the requestedcontent is authorized.
 17. The system of claim 12, wherein the serversare further operative to retrieve a white list comprising a third set ofuser IDs of a third set of users.
 18. The system of claim 17, whereinthe third set of user IDs includes user IDs of the users whose contentis authorized to be transmitted to the second user.
 19. The system ofclaim 17, wherein the third set of users comprises all users from theplurality of users corresponding to all nodes from the plurality ofnodes, respectively, that are: connected to the node corresponding tothe first user by a series of connections and nodes that does notcomprise a node corresponding to one of the users in the first set orsecond set of users; and not nodes corresponding to individuals in thefirst set of users.
 20. The system of claim 17, wherein the servers arefurther operative to authorize transmission of the content to the seconduser if the user ID of the first user is in the third set of user IDs.21. The system of claim 12, wherein the servers are further operative tocommunicate to the first user a notification if the transmission of thecontent to the second user was not authorized.
 22. The system of 12,wherein the servers are further operative to transmit the content to acomputing device of the second user if the transmission of the contentis authorized and blocking the transmission of the content to thecomputing device of the second user if the transmission of the contentis not authorized.